Credit card fraud is a major problem to retailers and credit card companies alike. Many credit card companies have addressed this problem with the introduction of ‘Chip and Pin’ technologies but this does not address the problem of ‘Card not present’ fraud which is on the increase as more people make on-line credit card purchases or purchase goods by telephone.
Furthermore, with the prevalence of computer viruses and in particular ‘Trojans’ which capture keystrokes (including credit card and personal identification numbers (“PINs”)) sending credit card information and PINs to an untrusted second party is inherently insecure.
The present invention provides a method by which fraud can be reduced through the use of ‘one-time’ transaction codes, as well as providing a general means of validating someone's identity or entitlement.
Potential uses include credit card purchases, premise and vehicle entry systems (including vehicle ignition switching), bank customer verification, passport verification, a replacement for passwords, or in any other situation where a person's ‘entitlement to service’ is required.
In U.S. Pat. No. 6,246,769 there is disclosed a system for replacing PINS with a transaction specific code which the user identifies from a matrix of symbols by reference to a personal randomly chosen pattern and sequence of matrix positions which the user registers with a central database along with personal identification data/account data. When a transaction, for example, is to be made, the user's pattern is retrieved from the database, and the transaction specific code is created and then placed in a matrix in the pattern positions. The remaining spaces are filled with symbols not used in the transaction specific code, to hide the code, before the matrix is displayed to the user with a request to enter the symbols occupying the user's personal pattern positions. The terminal then establishes that the user has entered the correct hidden code before seeking authorisation of the transaction.
In many situations, this process is undesirable for two principal reasons. Firstly, it requires the transmission of the user's stored personal pattern from the central database to the user terminal (ATM, for example), which is potentially insecure, and secondly the transaction requires either two separate data calls to the central database, or one continuous connection for the duration of the transaction. In either case, this is unacceptable for shop or bank transactions, as it would considerably increase the cost of operating the system—such transactions preferably only involve one brief communication to obtain authorisation for the transaction—while possibly increasing the risk of a breach of transaction security if the authorisation process required a continuous connection for the duration of the transaction.
In addition, the process disclosed in U.S. Pat. No. 6,246,679 cannot be used for off-line payment systems, since it requires access to the user's stored personal pattern.